PRIVACY POLICY
Last Updated: February 1, 2026 | Effective Date: September 9, 2024
This Privacy Policy ("Policy") describes how
PAYCLOUD INFOTECH SOLUTIONS PRIVATE LIMITED ("We", "Us", or "Our")
collects, uses, shares, protects, stores, and retains your personal information and data
when you access or use our Platform at www.ezypayment.in.
This Policy applies to all Users, Merchants, and End Users of the Platform,
regardless of the device or method used to access the Services.
By using our Services, You consent to the collection, processing, and use of your
information as described in this Policy. This Policy should be read in conjunction
with our Terms and Conditions (Part I of this document).
1. Information We Collect
We collect personal information and data in accordance with the principles of
data minimisation, purpose limitation, and transparency.
1.1 Information Provided Directly by You
- Registration & Account Data: Full legal name, business name, email address, mobile number, date of birth, residential or business address, PAN, Aadhaar, GSTIN, DIN, CIN, photograph/selfie, security answers, and KYC/AML details.
- Payment & Transaction Data: Card details, bank account details, IFSC, UPI IDs, wallet addresses (stored in tokenised/encrypted form), transaction metadata, status, and history.
- Business Information (Merchants): Incorporation documents, business registrations, MOA/AOA, turnover details, financial statements, business descriptions, settlement details.
- Communication Data: Support tickets, feedback, emails, messages, attachments, and correspondence.
- Consent & Preference Data: Marketing preferences, cookie settings, language preferences, and opt-in/opt-out choices.
1.2 Information Collected Automatically
- Technical & Device Data: IP address, MAC address, device identifiers, browser details, OS, screen resolution, device model, app version, session tokens.
- Usage & Behavioural Data: Pages visited, clickstream data, time spent, searches, actions, errors, and interaction data.
- Location Data: Approximate location via IP and precise GPS location with explicit consent.
- Log Data: Server logs, error logs, security logs, and operational logs.
1.3 Information Obtained from Third Parties
We may receive information from payment processors, banks, credit bureaus,
identity verification providers, social media platforms (if linked),
advertising partners, and other service providers, as permitted by law.
2. Legal Basis for Processing
- Contractual Necessity
- Legal Obligation
- Legitimate Interests
- Consent
3. How We Use Your Information
- Account creation, authentication, and access
- Transaction processing and settlement
- KYC, AML, fraud detection, and risk assessment
- Service communications and notifications
- Personalisation and permitted marketing
- Analytics, bug fixing, and service improvement
- Legal compliance and enforcement
- Aggregated and anonymised analytics
- Third-party service delivery
- Complaint, dispute, and grievance handling
- Internal audits and compliance reviews
4. Sharing & Disclosure of Information
- Service Providers & Sub-Processors
- Legal & Regulatory Authorities
- Business Transfers
- Fraud Prevention & Security
- Aggregated & Anonymised Data
- With Your Consent
5. Data Security
- SSL/TLS encryption in transit
- Encryption of sensitive data at rest
- Tokenisation of payment data
- Multi-factor authentication
- Security audits and penetration testing
- Role-based access controls
- PCI-DSS and ISO 27001 compliance
- Employee security training
- Secure data disposal
6. Data Retention & Disposal
| Category of Data |
Retention Period |
Basis |
| Account & Registration Data |
Account duration + 7 years |
Legal obligation |
| Transaction Records |
7 years |
RBI & Income Tax |
| KYC Documents |
7 years |
PMLA & RBI |
| Support Records |
3 years |
Legitimate interest |
| Usage Data |
Up to 2 years |
Analytics |
| Security Logs |
1 year |
Security |
| Consent Records |
Consent duration + 3 years |
Compliance |
7. Your Rights
- Right of Access
- Right to Rectification
- Right to Erasure
- Right to Data Portability
- Right to Restrict Processing
- Right to Object
- Right to Withdraw Consent
8. Children’s Privacy
Our Services are intended for individuals aged 18 years and above.
9. Cross-Border Data Transfers
Personal data may be transferred outside India with appropriate legal and
contractual safeguards in place.
10. Automated Decision-Making & Profiling
Automated systems may be used for fraud detection and risk assessment.
Human review is available upon request.
11. Changes to This Privacy Policy
We may update this Policy from time to time. Continued use of the Services
constitutes acceptance of the revised Policy.
12. Contact Us — Privacy Officer
Email: privacy@ezypayment.in
Company: PAYCLOUD INFOTECH SOLUTIONS PRIVATE LIMITED
Address:
A-6 2nd Floor, Luv Kush Tower,
Exhibition Road, Bank Road (Patna),
Patna, Phulwari, Bihar, India – 800001
